You can use the user.create or the user.registration.create webhook to do something like this.

If you enable these webhooks and configure the transaction to require the webhook to succeed, then you simply need to return a non-200 status code from the webhook to cause FusionAuth to fail this create.

https://fusionauth.io/docs/v1/tech/events-webhooks/#tenant-settings
https://fusionauth.io/docs/v1/tech/events-webhooks/events/#user-create
https://fusionauth.io/docs/v1/tech/events-webhooks/events/#user-registration-create

First did I miss a good doc/post somewhere explaining how to use slack as an Identity Provider ?

Nope, sorry, we haven't documented that yet.

Second what I could have done wrong, how to correct it ?

I'm unsure. In fact, I'm sorry, from reading this it sounds like you've got it working (except having to give permissions multiple times). What am I missing?

Then does someone manage to get it work with slack's oauth v2 api ?

I have not heard of anyone doing this successfully.

Last why do I have to give permission again & again when I login ?

I'm not sure why Slack would require that again and again. Is the token being stored in the registration object? You can see this if you look at the user and then look at the source tab.

Do you have the docs for the slack OIDC identity provider handy? Have you seen if anyone else is seeing this behavior?

We handle all of this and you can use the native UIs for each of these when on mobile. This is all handled automatically by Facebook, Google, Apple and others.

More about external login providers.

@dan no problem at all. Completely understand it's tough offering support without reviewing how we have things setup.

Appreciate you shooting that link over and will do some investigation on our end to see what might work best for us.

Thanks!